Postgres Pro
Downloads
Home   >   mailing lists

Re: Multiple false-positive warnings from Valgrind - Mailing list pgsql-hackers

From Michael Paquier
Subject Re: Multiple false-positive warnings from Valgrind
Date
Msg-id CAB7nPqQKdxZ-C67OzU+FiHhtU7NOb8qazjrb-9j0u8P0qzCNMA@mail.gmail.com
Whole thread Raw
In response to Re: [HACKERS] Multiple false-positive warnings from Valgrind  (Michael Paquier <michael.paquier@gmail.com>)
Responses Re: Multiple false-positive warnings from Valgrind  (Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>)
Re: Multiple false-positive warnings from Valgrind  (Noah Misch <noah@leadboat.com>)
List pgsql-hackers
Tree view 
On Thu, Mar 23, 2017 at 5:15 PM, Michael Paquier
<michael.paquier@gmail.com> wrote:
> On Tue, Mar 21, 2017 at 10:57 PM, Aleksander Alekseev
> <a.alekseev@postgrespro.ru> wrote:
>> Recently I've decided to run PostgreSQL under Valgrind according to wiki
>> description [1]. Lots of warnings are generated [2] but it is my
>> understanding that all of them are false-positive. For instance I've
>> found these two reports particularly interesting:
>>
>> ```
>> ==00:00:40:40.161 7677== Use of uninitialised value of size 8
>> ==00:00:40:40.161 7677==    at 0xA15FF5: pg_b64_encode (base64.c:68)
>> ==00:00:40:40.161 7677==    by 0x6FFE85: scram_build_verifier (auth-scram.c:348)
>> ==00:00:40:40.161 7677==    by 0x6F3F76: encrypt_password (crypt.c:171)
>> ==00:00:40:40.161 7677==    by 0x68F40C: CreateRole (user.c:403)
>> ==00:00:40:40.161 7677==    by 0x85D53A: standard_ProcessUtility (utility.c:716)
>> ==00:00:40:40.161 7677==    by 0x85CCC7: ProcessUtility (utility.c:353)
>> ==00:00:40:40.161 7677==    by 0x85BD22: PortalRunUtility (pquery.c:1165)
>> ==00:00:40:40.161 7677==    by 0x85BF20: PortalRunMulti (pquery.c:1308)
>> ==00:00:40:40.161 7677==    by 0x85B4A0: PortalRun (pquery.c:788)
>> ==00:00:40:40.161 7677==    by 0x855672: exec_simple_query (postgres.c:1101)
>> ==00:00:40:40.161 7677==    by 0x8597BB: PostgresMain (postgres.c:4066)
>> ==00:00:40:40.161 7677==    by 0x7C6322: BackendRun (postmaster.c:4317)
>> ==00:00:40:40.161 7677==  Uninitialised value was created by a stack allocation
>> ==00:00:40:40.161 7677==    at 0x6FFDB7: scram_build_verifier (auth-scram.c:328)
>
> I can see those warnings as well after calling a code path of
> scram_build_verifier(), and I have a hard time seeing that as nothing
> else than a false positive as you do. All those warnings go away if
> you just initialize just do MemSet(salt, 0, SCRAM_SALT_LEN) before
> calling pg_backend_random() but this data is filled in with
> RAND_bytes() afterwards (if built with openssl). The estimated lengths
> of the encoding are also correct. I don't see immediately what's wrong
> here, this deserves a second look...

And it seems to me that this is caused by the routines of OpenSSL.
When building without --with-openssl, using the fallback
implementations of SHA256 and RAND_bytes I see no warnings generated
by scram_build_verifier... I think it makes most sense to discard that
from the list of open items.
-- 
Michael

pgsql-hackers by date:

Previous
From: Michael Paquier
Date:
Subject: Re: postgres_fdw IMPORT SCHEMA and partitioned tables
Next
From: Tom Lane
Date:
Subject: Re: Schedule and Release Management Team for PG10